PK sign/verify: hash=NULL is ok if md_alg=0 and hash_len=0

commit: ee3cfec3cc87b71ea0f9a4e3b5524a225a9e4809 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Wed Dec 19 17:10:02 2018 +0100
committer: Gilles Peskine <Gilles.Peskine@arm.com> Wed Dec 19 17:11:44 2018 +0100
tree: f057d7bbbe79ddc1f7998ead68b27573a0224abf
parent: 998fbfbe6872e4d163d02d81f4c3966e86eb5262 [diff]
diff --git a/library/pk.c b/library/pk.c
index 38ab774..66301ee 100644
--- a/library/pk.c
+++ b/library/pk.c

@@ -240,7 +240,8 @@
                mbedtls_pk_restart_ctx *rs_ctx )
 {
     PK_VALIDATE_RET( ctx != NULL );
-    PK_VALIDATE_RET( hash != NULL );
+    PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
+                     hash != NULL );
     PK_VALIDATE_RET( sig != NULL );
 
     if( ctx->pk_info == NULL ||
@@ -297,7 +298,8 @@
                    const unsigned char *sig, size_t sig_len )
 {
     PK_VALIDATE_RET( ctx != NULL );
-    PK_VALIDATE_RET( hash != NULL );
+    PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
+                     hash != NULL );
     PK_VALIDATE_RET( sig != NULL );
 
     if( ctx->pk_info == NULL )
@@ -361,7 +363,8 @@
              mbedtls_pk_restart_ctx *rs_ctx )
 {
     PK_VALIDATE_RET( ctx != NULL );
-    PK_VALIDATE_RET( hash != NULL );
+    PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
+                     hash != NULL );
     PK_VALIDATE_RET( sig != NULL );
 
     if( ctx->pk_info == NULL ||
commit	ee3cfec3cc87b71ea0f9a4e3b5524a225a9e4809	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Wed Dec 19 17:10:02 2018 +0100
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Wed Dec 19 17:11:44 2018 +0100
tree	f057d7bbbe79ddc1f7998ead68b27573a0224abf
parent	998fbfbe6872e4d163d02d81f4c3966e86eb5262 [diff]